What type of app allows users to perform certain functions but may also steal sensitive information?

The correct answer is that a Trojan app allows users to perform certain functions while also being able to steal sensitive information. A Trojan typically disguises itself as a legitimate application or file, often tricking users into downloading it. Once installed, it can carry out its intended malicious operations, such as capturing sensitive data (like passwords or credit card numbers) or providing unauthorized access to the device.

Trojans are particularly dangerous because they may function in a way that seems harmless or even beneficial to the user, which leads to greater trust and more extensive access to the system. This makes users more vulnerable to data breaches, as they might not realize they are interacting with a malicious program.

In contrast, other types of applications mentioned do not fulfill this same function. For instance, denial-of-service (DDoS) attacks are focused on overwhelming resources rather than stealing personal data, while side-channel and on-path attacks refer to methods of eavesdropping and interception rather than applications designed to appear useful while they compromise security.